Misys FusionCapital Opics Plus contains multiple vulnerabilities

Original Release date: 19 Jul 2016 | Last revised: 19 Jul 2016
Impact
An authenticated attacker may be able escalate privileges to administrator, or perform full searches on the database. An unauthenticated attacker may be able decrypt SSL traffic between the client and server.
Solution

The CERT/CC is currently unaware of a practical solution to this problem.